NIAP: NIAP CCEVS Announcements
NIAP/CCEVS
  NIAP  »»  Announcements  »»  NIAP Announcements  
NIAP Announcements

  Call for Participants for Bluetooth Technical Community (17 November 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the development of a Protection Profile Module for Bluetooth functionality.  Members of this TC are expected to provide technical input to the development of a Protection Profile Module for a baseline set of Security Functional Requirements (SFRs) for products that implement Bluetooth.

 

 

All interested parties should contact NIAP/CCEVS at tc-bt-staff@niap-ccevs.org, providing the information listed below for each potential participant:

 

• Name

• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other) 

• Telephone number

• Email address

• A brief statement of the qualifications for participation in the TC

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann195

  Call for Participants for Transport Layer Security (TLS) Technical Community (08 November 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a technical community for the development of a protection profile for Transport Layer Security (TLS). Members of this TC are expected to provide technical input to the development of a Protection Profile for a baseline set of Security Functional Requirements (SFRs) for products that implement TLS.

All interested parties should contact NIAP/CCEVS at tc-tls-staff@niap-ccevs.org, providing the information listed below for each potential participant: 

 Name 

 Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)  

 Telephone number 

 Email address 

 A brief statement of the qualifications for participation in the TC

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann194

  Update on Labgram #106/Valgram #126 "Impact of NIST 2017 Transitions to NIAP." (31 October 2017)

NIAP is rescinding Labgram #106/Valgram #126 "Impact of NIST 2017 Transitions to NIAP."  Following discussions with our subject matter experts and NIST's announcement regarding the transition delay (https://csrc.nist.gov/News/2017/Transition-Plans-for-Key-Establishment-Schemes), NIAP has decided that Labgram #106 will be archived and no part of it will be enforced.

 

If you have any questions or concerns, please contact us at niap@niap-ccevs.org.

 

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann192

  NIAP Progress Report – Third Quarter 2017 (24 October 2017)

See the NIAP Third Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann191

  PP-Module for Virtual Private Network (VPN) Clients Version 2.1 Published (05 October 2017)

 

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the PP-Module for Virtual Private Network (VPN) Clients Version 2.1.  Minor updates were made to convert the predecessor VPN Client Extended Package v2.0 to a PP-Module in accordance with the recently published CC Version 3.1 R5.  Given the minimal changes, this version replaces Version 2.0 which will be sunset on December 26, 2017 to coincide with its predecessor's sunset date.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann190

Previous Announcements

  DoD Annex for MDF PP v3.1 (31 July 2017)

The DoD Annex for the Mobile Device Fundamentals Protection Profile (MDF PP) v3.1 has been published to the NIAP Protection Profile website.  This DoD Annex is used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.                  

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann189

  NIAP Progress Report – Second Quarter 2017 (11 July 2017)

See the NIAP Second Quarter Progress Report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann188

  NIAP Endorses NDcPP v2.0 (07 July 2017)

NIAP has endorsed the Network Device collaborative Protection Profile v2.0 (NDcPP v2.0) and published the cPP and Supporting Documents to the NIAP Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the ND cPP that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List.  The updated NDcPP v2.0 allows for evaluation of devices that are suitable for the use cases identified in the ND cPP, to include distributed network devices.    

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann187

  VPN Client EP V2.0 Published (27 June 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the VPN Client Extended Package (VPN Client EP), Version 2.0.  The EP extends the GPOS PP when the VPN client is installed on an operating system (e.g., Windows, Mac OS, Linux),  the MDF PP when the VPN client is installed on a self-contained mobile device that is bundled with an operating system (e.g. Android, BlackBerry OS, iOS, Windows Mobile),  and the App PP when the VPN client is provided by a third party and is a standalone application that is not a bundled part of an operating system or mobile device. This EP describes the security functionality of a software application that runs on a physical or virtual host platform, used to establish a secure IPsec connection between that host platform and a remote system.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann186

  Mobile Device Fundamentals Protection Profile v3.1 Published! (16 June 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Mobile Device Fundamentals Protection Profile version 3.1 (MD PP v3.1).  Updates were made to modify several biometric requirements and to incorporate all applicable NIAP Technical Decisions. Given the minimal changes, this version replaces Version 3.0, which will be sunsetted next month.

Please follow the link for more information:

https://www.niap-ccevs.org/Profile/Info.cfm?id=417

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann185

  Full Drive Encryption (FDE) Enterprise Management Draft Available for Public Review (10 May 2017)

The FDE iTC has released the draft Enterprise Management module for public review.  Please visit the FDE Technical Community page to review the draft and related comment forms.  The public comment period will close on Friday, 26 May 2017.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann183

  DHS Releases Study on Mobile Device Security (04 May 2017)

The Department of Homeland Security (DHS) has submitted a report to Congress that details current and emerging threats to the Federal government’s use of mobile devices and recommends security improvements to the mobile device ecosystem.  Mandated by the Cybersecurity Act of 2015, the “Study on Mobile Device Security” relied on significant input from mobile industry vendors, carriers, service providers and academic researchers.

The Study recommends adoption of mobile security criteria found in NIAP Protection Profiles as a way to provide increased assurance for mobile devices.  NIAP encourages vendor and end user participation in Technical Communities to collaboratively define security requirements for commercial technologies.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann182

  NIAP Progress Report – First Quarter 2017 (31 March 2017)

See the NIAP first Quarter Progress report to learn about recent NIAP accomplishments and activities, and upcoming releases.

Read the report here

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann181

  Call for Participants for File Encryption Technical Community (13 March 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community for the update of the File Encryption Extended Profile (EP).  Members of this TC are expected to provide technical input to update the EP to include requirements for enterprise management and update the requirements for multi-user support.

All interested parties should contact NIAP/CCEVS at tc-file-staff@niap-ccevs.org, providing the information listed below for each potential participant:

• Name
• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)
• Telephone number
• Email address
• A brief statement of the qualifications for participation in the TC
• In addition, if there are other issues recommended to include for this update, please provide a brief description for consideration.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann179

  VPN Gateway Extended Package Version 2.1 Published (08 March 2017)

 

The  National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the VPN Gateway Extended Package Version 2.1.  Minor updates were made to add the FWcPP as an additional base PP and transport mode is no longer mandated in IPSEC communication.  All other changes were typographical and formatting for consistency across EPs.  Given the minimal changes, this version replaces the Version 2.0 which has been sunset, effective immediately.

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann178

  Call for Participants for PSS Technical Community (01 March 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community for the update of the Peripheral Sharing Switch Protection Profile version 3.0. Members of this TC are expected to provide technical input to update the Protection Profile for products that provide a PSS capability.

All interested parties should contact NIAP/CCEVS at tc-pss-staff@niap-ccevs.org, providing the information listed below for each potential participant:

• Name

• Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other) 

• Telephone number

• Email address

• A brief statement of the qualifications for participation in the TC

NIAP plans to hold the Kick-Off meeting on Wednesday, 15 March 2017.  We look forward to your participation!       

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann177

  Call for Participants for SSL/TLS Inspection Technical Community (08 February 2017)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a technical community for the development of a protection profile for TLS Inspection products. Members of this TC are expected to provide technical input to the development of Protection Profile for products that provide a TLS inspection capability.

All interested parties should contact NIAP/CCEVS at tc-tlsi-staff@niap-ccevs.org, providing the information listed below for each potential participant: 

 

Name 

 

Affiliation (Vendor/CCTL/Academic Institution/Scheme/Other)  

 

Telephone number 

 

Email address 

 

A brief statement of the qualifications for participation in the TC

 

 

 

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann176

  NIAP 2016 Report (19 January 2017)

NIAP has released the progress report for 2016 that documents significant accomplishments and looks further ahead into 2017.

Read the report here.

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann175

  Mobile Device Management Protection Profile v3.0 and Mobile Device Management Agents Extended Package v3.0 Published (07 December 2016)

The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Mobile Device Management, Version 3.0 (MDM PP v3.0) and MDM Agents Extended Package, Version 3.0 (MDM Agent EP v3.0). This PP/EP includes updates based on questions sent to the Technical Rapid Response Team, clarification to many requirements and assurance activities, and adding SFRs to support Bring Your Own Device (BYOD) Use Case. This PP/EP can be found here:  https://www.niap-ccevs.org/Profile/PP.cfm      

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann174

  Updated DoD Annexes for MDM PP and MDM Agent PP v2.0 (29 November 2016)

An updated version of the DoD Annex for the Mobile Device Management Protection Profile (MDM PP) v2.0 and MDM Agent PP v2.0 has been published to the NIAP Protection Profile website.  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.     

 

direct link to this item: https://www.niap-ccevs.org/Announcements/Announcements.cfm#ann173
Site Map              Contact Us              Home